Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 5. Copyright Pearson Prentice-Hall 2010  If attackers cannot get access to your resources, they cannot attack them  This chapter presents a.

Published bySamuel Jordan Modified over 9 years ago

Similar presentations

Presentation on theme: "Chapter 5. Copyright Pearson Prentice-Hall 2010  If attackers cannot get access to your resources, they cannot attack them  This chapter presents a."— Presentation transcript:

1 Chapter 5

2 Copyright Pearson Prentice-Hall 2010  If attackers cannot get access to your resources, they cannot attack them  This chapter presents a number of important access control tools, such as reusable passwords and biometrics 2

3 Copyright Pearson Prentice-Hall 2010  Access Controls ◦ Firms must limit access to physical and electronic resources ◦ Access control is the policy-driven control of access to systems, data, and dialogues  Cryptography ◦ Many access control tools use cryptography to some extent ◦ However, cryptography is only part of what they do and how they work 3

4 Copyright Pearson Prentice-Hall 2010  The AAA Protections ◦ Authentication—supplicant sends credentials to verifier to authenticate the supplicant ◦ Authorization—what permissions the authenticated user will have  What resources he or she can access  What he or she can do with these resources  Read, Write, Delete ◦ Auditing—recording what people do in log files  Detecting attacks  Identifying breakdowns in implementation 4

5 Copyright Pearson Prentice-Hall 2010  Beyond Passwords ◦ Passwords used to be sufficiently strong ◦ This is no longer true thanks to increasing computer speeds available to hackers ◦ Companies must move to better authentication options 5

6 Copyright Pearson Prentice-Hall 2010  For Authentication you need  Credentials Which Are Based On ◦ What you know (e.g., a password) ◦ What you have (e.g., an access card) ◦ What you are, or (e.g., your fingerprint) ◦ What you do (e.g., speaking a passphrase) 6

7 Copyright Pearson Prentice-Hall 2010  Two-Factor Authentication ◦ Use two forms of authentication for defense in depth ◦ Example: access card and personal identification number (PIN)  Multifactor authentication: two or more types of authentication ◦ Both can be defeated by a Trojan horse on the user’s PC ◦ Can also be defeated by a man-in-the-middle attack by a fake website 7

8 Copyright Pearson Prentice-Hall 2010  Individual access control—base access rules on individual accounts  Role-based access control (RBAC) ◦ Base access rules on organizational roles (buyer, member of a team, etc.) ◦ Assign individual accounts to roles to give them access to the role’s resources  Cheaper and less error-prone than basing access rules on individual accounts 8

9 Copyright Pearson Prentice-Hall 2010  Human and Organizational Controls ◦ People and organizational forces may circumvent access protection 9

10 Copyright Pearson Prentice-Hall 2010  Mandatory and Discretionary Access Control ◦ Mandatory access control (MAC)  No departmental or personal has ability to alter access control rules set by higher authorities ◦ Discretionary access control (DAC)  Departmental or personal ability to alter access control rules set by higher authorities ◦ MAC gives stronger security but is very difficult to implement 10

11 Copyright Pearson Prentice-Hall 2010  Multilevel Security ◦ Resources are rated by security level  Public  Sensitive but unclassified  Secret  Top secret ◦ People are given the same clearance level 11

12 Copyright Pearson Prentice-Hall 2010  Multilevel Security ◦ Some rules are simple  People with a secret clearance cannot read top secret documents ◦ Some rules are complex  What if a paragraph from a top secret document is placed in a secret document? ◦ Access control models have been created to address multilevel security  Will not discuss because not pertinent to corporations 12

13 Copyright Pearson Prentice-Hall 2010  ISO/IEC 27002’s Security Clause 9, Physical and Environmental Security  Risk Analysis Must Be Done First  ISO/IEC 9.1: Secure Areas  ISO/IEC 9.2: Secure Equipment 13

14  Securing the building’s physical perimeter ◦ Single point of entry ◦ No gaps into/out of building ◦ If using a reception area it must be constantly staffed  Implementing physical entry controls ◦ All Access must be authorized  Access should be justified, authorized, logged, and monitored  ID badges should be worn Copyright Pearson Prentice-Hall 2010 14

15 Copyright Pearson Prentice-Hall 2010  Securing public access, delivery, and loading areas ◦ These are sensitive zones within a building  Limit access to internal employees  No entry for delivery / pick-up personnel  Incoming shipments need inspection and logging  Outgoing shipments need to be separate from incoming  Securing offices, rooms, and facilities ◦ Locate away from public access ◦ Do not list in internal maps or directories ◦ Limited access mechanisms (locks, key cards, etc.)  Protecting against external and environmental threats ◦ Hazardous and combustible material should not be located in sensitive areas ◦ Back-ups and disaster recovery need to be located away from the building 15

16  Creating rules for working in secure areas ◦ Special rules in place for those working in these areas  No photographic, data recording equipment  Should not be unsupervised  Inspections of those entering and leaving area Copyright Pearson Prentice-Hall 2010 16

17 Copyright Pearson Prentice-Hall 2010  Equipment siting and protection ◦ Siting means locating or placing ◦ Minimize access ◦ Minimize potential damage from water, smoke, vandalism, threats  Supporting utilities (electricity, water, HVAC)  Uninterruptible power supplies, electrical generators  Frequent testing 17

18 Copyright Pearson Prentice-Hall 2010  Cabling security ◦ Wires should be placed underground or in walls ◦ Use Conduits if not possible ◦ Wiring closets should be locked and monitored  Security during offsite equipment maintenance  Permission for taking offsite  Removal of sensitive information 18

19 Copyright Pearson Prentice-Hall 2010  Security of equipment off-premises ◦ Constant attendance except when locked securely ◦ Insurance  Secure disposal or reuse of equipment ◦ Removal of all sensitive information  Rules for the removal of property ◦ Requires proper authorization ◦ Limit who can authorize over a period of time ◦ Limit time property can be off-site ◦ Log removals 19

20  "algorithms used to command and control the International Space Station" were lost when an unencrypted NASA laptop computer was stolen in March 2011”  NASA Inspector General Paul K. Martin ◦ "NASA has been slow to implement full-disk encryption on the notebook computers and other mobile computing devices it provides to its employees, potentially exposing sensitive information to unauthorized disclosure when such devices are lost or stolen. In fact... the OMB reported a Government- wide encryption rate for these devices of 54 percent. However, as of February 1, 2012, only 1 percent of NASA portable devices/laptops have been encrypted." Copyright Pearson Prentice-Hall 201020

21 Copyright Pearson Prentice-Hall 2010  Terrorism ◦ Building setback from street ◦ Armed guards ◦ Bullet-proof glass  Piggybacking ◦ Following an authorized user through a door ◦ Also called tailgating ◦ Psychologically difficult to prevent ◦ But piggybacking is worth the effort to prevent 21

22 Copyright Pearson Prentice-Hall 2010  Monitoring Equipment ◦ CCTV ◦ Tapes wear out ◦ High-resolution cameras are expensive and consume a great deal of disk space ◦ Low-resolution cameras may be insufficient for recognition needs ◦ To reduce storage, use motion sensing 22

23 Copyright Pearson Prentice-Hall 2010  Dumpster [TM] Diving ◦ Protect building trash bins that may contain sensitive information ◦ Maintain trash inside the corporate premises and monitor until removed  Desktop PC Security ◦ Locks that connect the computer to an immovable object ◦ Login screens with strong passwords 23

24 Copyright Pearson Prentice-Hall 2010  Reusable Passwords ◦ A password that is used multiple times ◦ Almost all passwords are reusable passwords  A one-time password is used only once 24

25 Copyright Pearson Prentice-Hall 2010  External / Remote Password cracking ◦ Account is usually locked after a few login failures  Internal Password cracking ◦ Use of Password-Cracking Programs  Run on a computer to crack its passwords or  Run on a downloaded password file 25

26 Copyright Pearson Prentice-Hall 2010  Password-Cracking Programs ◦ Brute-force password guessing  Try all possible passwords of Length 1, Length 2, etc.  Thwarted by passwords that are long and complex (using all keyboard characters)  N is the password length, in characters  Alphabet, no case: N 26 possible passwords  Alphabet, upper and lower case (N 52 )  Alphanumeric (letters and digits) (N 62 )  All keyboard characters (~N 80 ) 26

27 Copyright Pearson Prentice-Hall 2010 27 Password Length in Characters Low Complexity: Alphabetic, No Case (N=26) Alphabetic, Case-Sensitive (N=52) Alphanumeric: Letters and Digits (N=62) High Complexity: All Keyboard Characters (N=80) 126526280 26762,7043,8446,400 4456,9767,311,61614,776,33640,960,000 6308,915,77619,770,609,66 4 56,800,235,58 4 2.62144E+11 82.08827E+115.34597E+132.1834E+141.67772E+15 101.41167E+141.44555E+178.39299E+171.07374E+19 Note: On average, an attacker will have to try half of all combinations.

28 Copyright Pearson Prentice-Hall 2010  Password-Cracking Programs ◦ Dictionary attacks  Many people do not choose random passwords  Dictionary attacks on common word passwords are almost instantaneous  Names of people and pets  Names of ports teams, etc.  Hybrid dictionary attacks on common word variants (e.g., Processing1) 28

29 Copyright Pearson Prentice-Hall 2010  Other Password Threats ◦ Keystroke Capture Software  Trojan horse displays a fake login screen, reports its finding to attackers ◦ Shoulder Surfing  Attacker watches as the victim types a password  Even partial information can be useful  Part of the password: P_ _sw_ _d  Length of the password (reduces time to do brute-force cracking) ◦ iPhone/smartphone keylogging (reported 10/18/2011)  Decoding Vibrations From Nearby Keyboards Using Mobile Phone Accelerometers Decoding Vibrations From Nearby Keyboards Using Mobile Phone Accelerometers  Solution, keep smartphone away from your keyboard 29

30 Copyright Pearson Prentice-Hall 2010  Password Strength Policies ◦ Password policies must be long and complex  At least 8 characters long  Change of case, not at beginning  Digit (0 through 9), not at end  Other keyboard character, not at end  Example: tri6#Vial ◦ Completely random passwords are best but usually are written down ◦ Testing and enforcing passwords 30

31 Copyright Pearson Prentice-Hall 2010  Other Password Policies ◦ Not using the same password at multiple sites ◦ Password duration policies ◦ Shared password policies (makes auditing impossible) ◦ Disabling passwords that are no longer valid 31

32 Copyright Pearson Prentice-Hall 2010  Other Password Policies ◦ Lost passwords (password resets)  Opportunities for social engineering attacks  Contacting Help-desk to ask for password- reset  Costly to implement ◦ Automated password resets use secret questions (Where were you born?)  Many can be guessed with a little research, rendering passwords useless 32

33  Use Password Manager ◦ 1Password 1Password ◦ Roboform Roboform  Password Based Key Derivation Function Version 2 (PBKDFV2) ◦ Systems using PBKDFV2 Systems using PBKDFV2 Copyright Pearson Prentice-Hall 201033

34  I have two pets named Fred and Alice ◦ Ihave2pets:Fred&Alice ◦ Looks pretty secure but…  Use Spaces to help you remember ◦ I have 2 pets: Fred & Alice  Don’t tell the truth: ◦ I have 3 pets: LeBron, Dwane & Chris  Don’t make sense: ◦ I have 35 pets: LeBron, Dwane & Chris  Avoid predictable phrases ◦ I have 35 pets: Lebron, Dwane & Amy  But this is still predicatable Copyright Pearson Prentice-Hall 2009 34

35  Introduce randomness into passwords  Roll dice to select word  Roll dice again to select next word  Continue  Even Stronger ◦ Insert your own word into the set of Diceware words  P35:LD&A + Diceware words Copyright Pearson Prentice-Hall 2010 35

36 Copyright Pearson Prentice-Hall 2010  The End of Passwords? ◦ Many firms want to eliminate passwords because of their weaknesses ◦ Quite a few firms have already largely phased them out 36

37 Copyright Pearson Prentice-Hall 2010  Access Cards ◦ Magnetic stripe cards ◦ Smart cards  Have a microprocessor and RAM  Can implement public key encryption for challenge/response authentication ◦ In selection decision, must consider cost and availability of card readers 37

38 Copyright Pearson Prentice-Hall 2010 38

39 Copyright Pearson Prentice-Hall 2010  Tokens ◦ Constantly changing password devices for one-time passwords ◦ USB plug-in tokens  Similar to Access Cards but without the need for dedicated readers 39

40 Copyright Pearson Prentice-Hall 2010  Proximity Access Tokens ◦ Use Radio Frequency ID (RFID) technology ◦ Supplicant only has to be near a door or computer to be recognized  Addressing Loss and Theft ◦ Both are frequent ◦ Card cancellation  Requires a wired network for cancellation speed  Must cancel quickly if risks are considerable 40

41 Copyright Pearson Prentice-Hall 2010  Two-Factor Authentication Needed because of Ease of Loss and Theft ◦ PINs (Personal Identification Numbers) for the second factor  Short: 4 to 6 digits  Can be short because attempts are manual  Should not choose obvious combinations (1111, 1234) or important dates ◦ Other forms of two-factor authentication  Store fingerprint template on device; check supplicant with a fingerprint reader 41

42 Copyright Pearson Prentice-Hall 2010  Biometric Authentication ◦ Authentication based on biological (bio) measurements (metrics).  Biometric authentication is based on something you are (your fingerprint, iris pattern, face, hand geometry, and so forth)  Or something you do (write, type, and so forth). ◦ The major promise of biometrics is to make reusable passwords obsolete 42

43 Copyright Pearson Prentice-Hall 2010  Scan data ◦ Large quantities of data captured  Key Feature capture  Key Feature stored as template is variable (scan fingerprint differently each time)  Later access attempts provide access data, which will be turned into key feature data for comparison with the template 43

44 Copyright Pearson Prentice-Hall 2010 44

45 Copyright Pearson Prentice-Hall 2010  Biometric access key features will never be exactly the same as the template ◦ Match Index is calculated for difference between template and scan ◦ Decision criterion determines how small match index can be for authentication  Requiring an overly exact match index will cause many false rejections  Requiring too loose a match index will cause more false acceptances 45

46 Copyright Pearson Prentice-Hall 2010  False Acceptance Rates (FARs) ◦ Percentage of people who are identified or verified as matched to a template but should not be  False Rejection Rates (FRRs) ◦ Percentage of people who should be identified or verified as matches to a template but are not 46

47 Copyright Pearson Prentice-Hall 2010  Which is Worse? ◦ It depends on the situation 47 SituationFalse acceptance False rejection Identification for computer access Security Violation Inconvenience Verification for computer access Security Violation Inconvenience Watch list for door access Security Violation Inconvenience Watch list for terroristsInconvenienceSecurity Violation

48 Copyright Pearson Prentice-Hall 2010  Vendor Claims for FARs and FRRs ◦ Tend to be exaggerated through tests under ideal conditions  Failure to Enroll (FTE) ◦ Subject cannot enroll in system ◦ E.g., poor fingerprints due to construction work, clerical work, age, etc.) 48

49 Copyright Pearson Prentice-Hall 2010  Errors ◦ subject is not trying to fool the system  Deception ◦ subject is trying to fool the system  Hide face from cameras used for face identification  Impersonate someone by using a gelatin finger on a fingerprint scanner  Etc. 49

50 Copyright Pearson Prentice-Hall 2010  Many biometric methods are highly vulnerable to deception ◦ Fingerprint scanners should only be used where the threat of deception is very low ◦ Fingerprint scanners are better than passwords because there is nothing to forget ◦ Fingerprint scanners are good for convenience rather than security 50

51 Copyright Pearson Prentice-Hall 2010  Verification ◦ Supplicant claims to be a particular person ◦ Is the supplicant who he or she claims to be? ◦ Compare access data to a single template (the claimed identity) ◦ Verification is good to replace passwords in logins ◦ If the probability of a false acceptance (false match) probability is 1/1000 per template match,  The probability of a false acceptance is 1/1000 (0.1%) 51

52 Copyright Pearson Prentice-Hall 2010  Identification ◦ Supplicant does not state his or her identity ◦ System must compare supplicant data to all templates to find the correct template ◦ If the probability of a false acceptance (false match) probability is 1/1000 per template match,  If there are 500 templates in the database, then  the probability of a false acceptance is 500 * 1/1000 (50%) ◦ Good for door access 52

53 Copyright Pearson Prentice-Hall 2010  Watch Lists ◦ Subset of identification ◦ Goal is to identify members of a group:  Terrorists  People who should be given access to an equipment room ◦ Comparison < All templates 53

54 Copyright Pearson Prentice-Hall 2010  Watch Lists ◦ More comparisons than validation but fewer than identification, so the risk of a false acceptance is intermediate ◦ If the probability of a false acceptance (false match) probability is 1/1000 per template match,  If there are 10 templates in the watch list, then  The probability of a false acceptance is 10 * 1/1000 (1%) 54

55 Copyright Pearson Prentice-Hall 2010  Fingerprint Recognition ◦ Simple, inexpensive, well proven ◦ Most biometrics today is fingerprint recognition ◦ Often can be defeated with latent fingerprints on glasses copied to gelatin fingers ◦ However, fingerprint recognition can take the place of reusable passwords for low-risk applications 55

56 Copyright Pearson Prentice-Hall 2010  Iris Recognition ◦ Pattern in colored part of eye ◦ Uses a camera (no light is shined into eye, as in Hollywood movies) ◦ Very low FARs ◦ Very expensive 56

57 Copyright Pearson Prentice-Hall 2010  Face Recognition ◦ Surreptitious identification is possible (in airports, etc.) ◦ Surreptitious means without the subject’s knowledge ◦ High error rates, even without deception  Hand Geometry for Door Access ◦ Shape of hand ◦ Reader is very large, so usually used for door access 57

58 Copyright Pearson Prentice-Hall 2010  Voice Recognition ◦ High error rates ◦ Easily deceived by recordings  Other Forms of Biometric Authentication ◦ Veins in the hand ◦ Keystroke recognition (pace in typing password) ◦ Signature recognition (hand-written signature) ◦ Gait (way the person walks) recognition 58

59  Researchers at Japan’s Advanced Institute of Industrial Technology have developed a seat that can identify the user by the shape and heft of their buttocks.  One of the advantages of the technology, according to the team, is that it’s less awkward than other forms of biometric technology. Doing a retina scan or using a fingerprint machine is intrusive, but sitting down has been normal for mankind since the evolution of the posterior.  Source: The Register (12/27/2011)The Register 59

60 Copyright Pearson Prentice-Hall 2010  Key Points from Chapter 3 ◦ Cryptographic systems have initial and message- by-message authentication ◦ MS-CHAP uses passwords for initial authentication ◦ Electronic signatures provide message-by-message authentication  Key-Hashed Message Authentication Codes (HMACs) are fast and inexpensive  Digital signatures with digital certificates are extremely strong but slow ◦ Public key authentication with digital certificates are also good for initial authentication  Require a Public Key Infrastructure (PKI) 60

61 Copyright Pearson Prentice-Hall 2010  Public Key Infrastructures (PKIs) ◦ Used to create and manage public-private key pairs and digital certificates  Utilizes Certificate Authorities ◦ It is an integrated system consisting of:  Software  Encryption methodologies  Protocols  Legal agreements  3 rd party services ◦ Firms can be their own certificate authorities (CAs) ◦ But this requires a great deal of labor 61

62  Generate Keys ◦ Keys of certain strength using certain cipher  Generate Certificate ◦ Allocate to user ◦ Bind user to Keys  Distribute Keys ◦ Private Keys to End-Users ◦ Public Keys on Certificates to Certificate servers (PKI server)  Storage ◦ Need to store keys and certificates  Revocation ◦ Invalidate Keys via Certificate Revocation Lists (CRLs) ◦ Respond to Online Certification Status Protocol (OCSP) ◦ Keys can also expire after a set period of time has elapsed Copyright Pearson Prentice-Hall 2010 62

63  Accepting of public keys  Providing new digital certificates ◦ Prime Authentication Problem  Must be very careful to authenticate individual with credentials before providing keys and certificates  This can be the “weak link” Copyright Pearson Prentice-Hall 2010 63

64 Copyright Pearson Prentice-Hall 2010  Public Key Infrastructures (PKIs) ◦ Provisioning  Human registration is often the weakest link  If an impostor is given credentials, no technology access controls will work  Limit who can submit names for registration  Limit who can authorize registration  Have rules for exceptions  Must have effective terminating procedures  Supervisors and Human Resources department must assist 64

65 Copyright Pearson Prentice-Hall 2010 65

66 Copyright Pearson Prentice-Hall 2010  Authorizations ◦ Authentication: Proof of identity ◦ Authorization: The assignment of permissions (specific authorizations) to individuals or roles ◦ Just because you are authenticated does not mean that you should be able to do everything 66

67 Copyright Pearson Prentice-Hall 2010  Principle of Least Permissions ◦ Initially give people only the permissions a person absolutely needs to do his or her job ◦ If assignment is too narrow, additional permissions may be given  If assignment is too narrow, the system fails safely 67

68 Copyright Pearson Prentice-Hall 2010  Principle of Least Permissions ◦ System has permissions A, B, C, D, E, and F  Person needs A, C, and E  If only given A and C, can add E later although user will be inconvenienced  Errors tend not to create security problems  Fails safely ◦ This will frustrate users somewhat 68

69 Copyright Pearson Prentice-Hall 2010  Giving Extensive or Full Permissions Initially Is Bad ◦ User will almost always have the permissions to do its job ◦ System has permissions A, B, C, D, E, and F  Person needs A, C, and E  If only given all and take away B and D, still has F  Errors tend to create security problems 69

70 Copyright Pearson Prentice-Hall 2010  Giving Extensive or Full Permissions Initially Is Bad ◦ Assignments can be taken away, but this is subject to errors ◦ Such errors could give excessive permissions to the user ◦ This could allow the user to take actions contrary to security policy ◦ Giving all or extensive permissions and taking some away does not fail safely 70

71 Copyright Pearson Prentice-Hall 2010  Auditing ◦ Authentication: Who a person is ◦ Authorization: What a person may do with a resource ◦ Auditing: What the person actually did 71

72 Copyright Pearson Prentice-Hall 2010  Logging ◦ Records actions of an account owner on a resource(s) ◦ Stored in a log file ◦ Unless logs are reviewed they are useless ◦ Logs should be reviewed by external auditors occasionally ◦ Logging systems should provide for real-time alerts ◦ LogRythm LogRythm 72

73 Copyright Pearson Prentice-Hall 2010 73

74 Copyright Pearson Prentice-Hall 2010 74 Remember EAP from Ch. 4

75  Microsoft uses KERBEROS 1. Supplicant sends credentials 2. If successful, Kerberos sends Ticket-Granting-Ticket (TGT) 3. Supplicant wants to connect to host (verifier) ◦ Presents TGT 4. Kerberos sends supplicant Service Ticket (ST) 5. Supplicant sends ST to Host / Verifier 6. Host uses its symmetric key to decrypt ST providing a session key to use with supplicant 7. Supplicant uses Kerberos symmetric key (sent along with ST) to decrypt Host / Verifier session key 8. Ongoing communication between Supplicant and Host using symmetric session key Copyright Pearson Prentice-Hall 2010 75

76 Copyright Pearson Prentice-Hall 2010 76

77 Copyright Pearson Prentice-Hall 2010 77

78  Store information about: ◦ People ◦ Equipment ◦ Software ◦ Databases  Information stored: ◦ Authentication ◦ Authorization ◦ Auditing ◦ Additional information  Data is stored hierarchically ◦ Top Level = organization ◦ Organizational Unit  Central Authentication Servers Directory Servers ◦ Lightweight Data Access Protocol (LDAP) Copyright Pearson Prentice-Hall 201078

79 Copyright Pearson Prentice-Hall 2010 79

80 Copyright Pearson Prentice-Hall 2010 80

81  Microsoft Directory Server aka Controller  Active Directory Domains ◦ Division of Company resources  Usually Organizational Units Copyright Pearson Prentice-Hall 2010 81

82 Copyright Pearson Prentice-Hall 2010 82 Domains are Controlled by Domain Controllers Domains are Controlled by Domain Controllers The Corporation is Divided Into Microsoft Domains The Corporation is Divided Into Microsoft Domains Each Domain Controller Runs Kerberos and AD Each Domain Controller Runs Kerberos and AD A Domain Can Have Multiple Domain Controllers A Domain Can Have Multiple Domain Controllers

83 Copyright Pearson Prentice-Hall 2010 83 Not Shown: There Can be a Forest of Trees Not Shown: There Can be a Forest of Trees There Can be a Tree of Domains There Can be a Tree of Domains Domain Controllers in Parent and Child Domains Do Partial Replication Domain Controllers in Parent and Child Domains Do Partial Replication Domain Controllers in a Domain Do Total Replication Domain Controllers in a Domain Do Total Replication

84 Copyright Pearson Prentice-Hall 2010  Trust ◦ One directory server will accept information from another  Trust Directionality ◦ Mutual  A trusts B and B trusts A ◦ One-Way  A trusts B or B trusts A, but not both 84

85 Copyright Pearson Prentice-Hall 2010  Trust Transitivity ◦ Transitive Trust  If A trusts B  and B trusts C,  then A trusts C automatically ◦ Intransitive Trust  If A trusts B  and B trusts C,  This does NOT mean that A trusts C automatically 85

86 Copyright Pearson Prentice-Hall 2010 86 A Metadirectory Server Synchronizes Multiple Directory Servers A Metadirectory Server Synchronizes Multiple Directory Servers

87  Federated Identity Management  Assertions vs. Authentication  Supplicant authenticates within company A than sends assertion to company B  Company B accepts assertion if it trusts Company A  Assertions contain: ◦ Authentication  Supplicant has been authenticated with company A ◦ Authorizations  What can suppliant access ◦ Attribute(s)  Security Assertion Markup Language (SAML) ◦ XML vocabulary used to send AAA Copyright Pearson Prentice-Hall 2010 87

88 Copyright Pearson Prentice-Hall 2010 88 In Federated Identity Management, Business Partners do not Access Each Other’s Databases. Instead, They Send Assertions About a Person. The Receiver Trusts the Assertions. In Federated Identity Management, Business Partners do not Access Each Other’s Databases. Instead, They Send Assertions About a Person. The Receiver Trusts the Assertions.

89 Copyright Pearson Prentice-Hall 2010 89 Types of Assertions: Authentication, Authorizations, Attributes. Assertions are Standardized by SAML. SAML Uses XML for Platform Independence. Types of Assertions: Authentication, Authorizations, Attributes. Assertions are Standardized by SAML. SAML Uses XML for Platform Independence.

90 Copyright Pearson Prentice-Hall 201090

91 Copyright Pearson Prentice-Hall 200991

92 Copyright Pearson Prentice-Hall 2010  Definition ◦ Identity management is the centralized policy- based management of all information required for access to corporate systems by a person, machine, program, or other resource. 92

93 Copyright Pearson Prentice-Hall 2010  Benefits of Identity Management ◦ Reduction in the redundant work needed to manage identity information ◦ Consistency in information ◦ Rapid changes ◦ Central auditing ◦ Single sign-on  At least reduced sign-on when SSO is impossible ◦ Increasingly required to meet compliance requirements 93

94 Copyright Pearson Prentice-Hall 2010  Identity ◦ The set of attributes about a person or nonhuman resource that must be revealed in a particular context  Subordinate to a particular person  Manager of a department  Buyer dealing with another company  Manager responsible for a database ◦ Principle of minimum identity data: only reveal the information necessary in a particular context 94

95 Copyright Pearson Prentice-Hall 2010  Identity Management ◦ Initial credential checking ◦ Defining identities (pieces of information to be divulged) ◦ Managing trust relationships ◦ Provisioning, reprovisioning if changes, and deprovisioning 95

96 Copyright Pearson Prentice-Hall 2010  Identity Management ◦ Implementing controlled decentralization  Do as much administration as possible locally  This requires tight policy controls to avoid problems ◦ Providing self-service functions for non-sensitive information  Marital status, etc. 96

97 97

98 All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher. Printed in the United States of America. Copyright © 2010 Pearson Education, Inc. Copyright © 2010 Pearson Education, Inc. Publishing as Prentice Hall

Download ppt "Chapter 5. Copyright Pearson Prentice-Hall 2010  If attackers cannot get access to your resources, they cannot attack them  This chapter presents a."

Similar presentations

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.

BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.
Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1.

Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1.
15 Tactical Improvements to IT Security Virtual Keyboard, Two Factor Authentication, Active Confirmation and FAA Access to CPS Online Ganesh Reddy.

15 Tactical Improvements to IT Security Virtual Keyboard, Two Factor Authentication, Active Confirmation and FAA Access to CPS Online Ganesh Reddy.
COEN 350: Network Security Authentication. Between human and machine Between machine and machine.

COEN 350: Network Security Authentication. Between human and machine Between machine and machine.
Access Control Methodologies

Access Control Methodologies
Copyright © 2015 Pearson Education, Inc. Chapter 5 Chapter 5.

Copyright © 2015 Pearson Education, Inc. Chapter 5 Chapter 5.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.

 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.

ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.

7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.
Biometric Authentication Presenter: Yaoyu, Zhang Presenter: Yaoyu, Zhang.

Biometric Authentication Presenter: Yaoyu, Zhang Presenter: Yaoyu, Zhang.
Security systems need to be able to distinguish the “white hats” from the “black hats”. This all begins with identity. What are some common identifiers.

Security systems need to be able to distinguish the “white hats” from the “black hats”. This all begins with identity. What are some common identifiers.
Security Measures Using IS to secure data. Security Equipment, Hardware Biometrics –Authentication based on what you are (Biometrics) –Biometrics, human.

Security Measures Using IS to secure data. Security Equipment, Hardware Biometrics –Authentication based on what you are (Biometrics) –Biometrics, human.
Chapter 5.  If attackers cannot get access to your resources, they cannot attack them  This chapter presents a number of important access control tools,

Chapter 5.  If attackers cannot get access to your resources, they cannot attack them  This chapter presents a number of important access control tools,

Similar presentations

Ads by Google